<?php
    
    require_once('msc-load.php');
    global $db;

    if(isset($_POST['action']) && $_POST['action'] == 'addHotel'):

        /* Add hotel handler */

        (isset($_POST['hotel_name']) ? $hotelName = mysqli_real_escape_string($db, $_POST['hotel_name']) : die('Validation Error!'));
        (isset($_POST['hotel_phone']) ? $hotelPhone = mysqli_real_escape_string($db, $_POST['hotel_phone']) : die('Validation Error!'));
        (isset($_POST['hotel_email']) ? $hotelEmail = mysqli_real_escape_string($db, $_POST['hotel_email']) : $hotelEmail = '');
        (isset($_POST['hotel_website']) ? $hotelWebsite = mysqli_real_escape_string($db, $_POST['hotel_website']) : $hotelWebsite = '');
        (isset($_POST['hotel_coords']) ? $hotelCoords = addslashes($_POST['hotel_coords']) : $hotelCoords = '');
        (isset($_POST['hotel_details']) ? $hotelDetails = addslashes($_POST['hotel_details']) : $hotelDetails = '');
        (isset($_POST['stars']) ? $hotelStars = mysqli_real_escape_string($db, $_POST['stars']) : $hotelStars = 1);
        (isset($_POST['hotel_address']) ? $hotelAddress = mysqli_real_escape_string($db, $_POST['hotel_address']) : die('Validation Error!'));
        (isset($_POST['hotel_zip']) ? $hotelZIP = mysqli_real_escape_string($db, $_POST['hotel_zip']) : die('Validation Error!'));
        (isset($_POST['hotel_city']) ? $hotelCity = mysqli_real_escape_string($db, $_POST['hotel_city']) : die('Validation Error!'));
        (isset($_POST['hotel_country']) ? $hotelCountry = mysqli_real_escape_string($db, $_POST['hotel_country']) : die('Validation Error!'));
        (isset($_POST['featured']) ? $isFeatured = 1 : $isFeatured = 0);
    
        $hotelFacilities = array();
        if(isset($_POST['facilities'])){
            foreach($_POST['facilities'] as $facility) {
                array_push($hotelFacilities, $facility);
            }
        }

        $path = 'media/';

        $hotel_photos = array();
        foreach($_FILES['hotelPhotos']['name'] as $f => $name) :
            if($_FILES['hotelPhotos']['error'][$f] == 4)
                continue;
            if($_FILES['hotelPhotos']['error'][$f] == 0){
                array_push($hotel_photos, $name);
                move_uploaded_file($_FILES["hotelPhotos"]["tmp_name"][$f], '../'.$path.$name);
            }
        endforeach;

        $query = 'INSERT INTO HOTELS (`Name`, `Phone`, `Email`, `Website`, `Stars`, `Photos`, `Facilities`, `Address`, `City`, `PostalCode`, `Country`, `Details`, `Coordinates`, `isFeatured`)
                  VALUES ("'.$hotelName.'", "'.$hotelPhone.'", "'.$hotelEmail.'", "'.$hotelWebsite.'", '.$hotelStars.', "'.mysqli_real_escape_string($db, serialize($hotel_photos)).'", "'.mysqli_real_escape_string($db, serialize($hotelFacilities)).'", "'.$hotelAddress.'", "'.$hotelCity.'", '.$hotelZIP.', "'.$hotelCountry.'", "'.$hotelDetails.'", "'.$hotelCoords.'", '.$isFeatured.')';
    
        if ( $db->query($query) === TRUE ){
            $hotel_id = $db->insert_id;
            
            /* Add room handler */

            if(isset($_POST['room_type1_number']) && $_POST['room_type1_number'] > 0):
                $room_type1_name = mysqli_real_escape_string($db, $_POST['room_type1_name']);
                $room_type1_number = intval(mysqli_real_escape_string($db, $_POST['room_type1_number']));
                $room_type1_guests = intval(mysqli_real_escape_string($db, $_POST['room_type1_guests']));
                $room_type1_price = intval(mysqli_real_escape_string($db, $_POST['room_type1_price']));
                (isset($_POST['room_type1_details']) ? $room_type1_details = addslashes($_POST['room_type1_details']) : $room_type1_details = '');
                $room_type1_photo = '';
                if($_FILES['room_type1_photo']['error'] == 0){
                    $room_type1_photo = $_FILES['room_type1_photo']['name'];
                    move_uploaded_file($_FILES["room_type1_photo"]["tmp_name"], '../'.$path.$room_type1_photo);
                }
                
                $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';
                $query_room_types .= '("'.$room_type1_name.'", '.$room_type1_guests.', '.$room_type1_price.', '.$room_type1_number.', "'.$room_type1_details.'", "'.mysqli_real_escape_string($db, $room_type1_photo).'", '.$hotel_id.')';

            endif;

            if(isset($_POST['room_type2_number']) && $_POST['room_type2_number'] > 0):
                $room_type2_name = mysqli_real_escape_string($db, $_POST['room_type2_name']);
                $room_type2_number = intval(mysqli_real_escape_string($db, $_POST['room_type2_number']));
                $room_type2_guests = intval(mysqli_real_escape_string($db, $_POST['room_type2_guests']));
                $room_type2_price = intval(mysqli_real_escape_string($db, $_POST['room_type2_price']));
                (isset($_POST['room_type2_details']) ? $room_type2_details = addslashes($_POST['room_type2_details']) : $room_type2_details = '');
                $room_type2_photo = '';
                if($_FILES['room_type2_photo']['error'] == 0){
                    $room_type2_photo = $_FILES['room_type2_photo']['name'];
                    move_uploaded_file($_FILES["room_type2_photo"]["tmp_name"], '../'.$path.$room_type2_photo);
                }

                if($query_room_types != '')
                    $query_room_types .= ',';
                else
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';

                $query_room_types .= '("'.$room_type2_name.'", '.$room_type2_guests.', '.$room_type2_price.', '.$room_type2_number.', "'.$room_type2_details.'", "'.mysqli_real_escape_string($db, $room_type2_photo).'", '.$hotel_id.')';

            endif;

            if(isset($_POST['room_type3_number']) && $_POST['room_type3_number'] > 0):
                $room_type3_name = mysqli_real_escape_string($db, $_POST['room_type3_name']);
                $room_type3_number = intval(mysqli_real_escape_string($db, $_POST['room_type3_number']));
                $room_type3_guests = intval(mysqli_real_escape_string($db, $_POST['room_type3_guests']));
                $room_type3_price = intval(mysqli_real_escape_string($db, $_POST['room_type3_price']));
                (isset($_POST['room_type3_details']) ? $room_type3_details = addslashes($_POST['room_type3_details']) : $room_type3_details = '');
                $room_type3_photo = '';
                if($_FILES['room_type3_photo']['error'] == 0){
                    $room_type3_photo = $_FILES['room_type3_photo']['name'];
                    move_uploaded_file($_FILES["room_type3_photo"]["tmp_name"], '../'.$path.$room_type3_photo);
                }

                if($query_room_types != '')
                    $query_room_types .= ',';
                else
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';

                $query_room_types .= '("'.$room_type3_name.'", '.$room_type3_guests.', '.$room_type3_price.', '.$room_type3_number.', "'.$room_type3_details.'", "'.mysqli_real_escape_string($db, $room_type3_photo).'", '.$hotel_id.')';

            endif;

            if(isset($_POST['room_type4_number']) && $_POST['room_type4_number'] > 0):
                $room_type4_name = mysqli_real_escape_string($db, $_POST['room_type4_name']);
                $room_type4_number = intval(mysqli_real_escape_string($db, $_POST['room_type4_number']));
                $room_type4_guests = intval(mysqli_real_escape_string($db, $_POST['room_type4_guests']));
                $room_type4_price = intval(mysqli_real_escape_string($db, $_POST['room_type4_price']));
                (isset($_POST['room_type4_details']) ? $room_type4_details = addslashes($_POST['room_type4_details']) : $room_type4_details = '');
                $room_type4_photo = '';
                if($_FILES['room_type4_photo']['error'] == 0){
                    $room_type4_photo = $_FILES['room_type4_photo']['name'];
                    move_uploaded_file($_FILES["room_type4_photo"]["tmp_name"], '../'.$path.$room_type4_photo);
                }

                if($query_room_types != '')
                    $query_room_types .= ',';
                else
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';

                $query_room_types .= '("'.$room_type4_name.'", '.$room_type4_guests.', '.$room_type4_price.', '.$room_type4_number.', "'.$room_type4_details.'", "'.mysqli_real_escape_string($db, serialize($room_type4_photos)).'", '.$hotel_id.')';

            endif;

            if(isset($_POST['room_type5_number']) && $_POST['room_type5_number'] > 0):
                $room_type5_name = mysqli_real_escape_string($db, $_POST['room_type5_name']);
                $room_type5_number = intval(mysqli_real_escape_string($db, $_POST['room_type5_number']));
                $room_type5_guests = intval(mysqli_real_escape_string($db, $_POST['room_type5_guests']));
                $room_type5_price = intval(mysqli_real_escape_string($db, $_POST['room_type5_price']));
                (isset($_POST['room_type5_details']) ? $room_type5_details = addslashes($_POST['room_type5_details']) : $room_type5_details = '');
                $room_type5_photo = '';
                if($_FILES['room_type5_photo']['error'] == 0){
                    $room_type5_photo = $_FILES['room_type5_photo']['name'];
                    move_uploaded_file($_FILES["room_type5_photo"]["tmp_name"], '../'.$path.$room_type5_photo);
                }

                if($query_room_types != '')
                    $query_room_types .= ',';
                else
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';

                $query_room_types .= '("'.$room_type5_name.'", '.$room_type5_guests.', '.$room_type5_price.', '.$room_type5_number.', "'.$room_type5_details.'", "'.mysqli_real_escape_string($db, serialize($room_type5_photos)).'", '.$hotel_id.')';

            endif;
            
            if($query_room_types != ''){
                if ( $db->query($query_room_types) === TRUE )
                    header('Location: /msc-admin/hotels.php?status=success');
                else
                    header('Location: /msc-admin/hotels.php?status=failedRooms');
            }
            
            header('Location: /msc-admin/hotels.php?status=success');
            
        }
        else
            header('Location: /msc-admin/hotels.php?status=failed');
    
    elseif(isset($_POST['action']) && isset($_POST['hotel_id']) && $_POST['action'] == 'updateHotel'):

        /* Update hotel handler */

        (isset($_POST['hotel_name']) ? $hotelName = mysqli_real_escape_string($db, $_POST['hotel_name']) : die('Validation Error!'));
        (isset($_POST['hotel_phone']) ? $hotelPhone = mysqli_real_escape_string($db, $_POST['hotel_phone']) : die('Validation Error!'));
        (isset($_POST['hotel_email']) ? $hotelEmail = mysqli_real_escape_string($db, $_POST['hotel_email']) : $hotelEmail = '');
        (isset($_POST['hotel_website']) ? $hotelWebsite = mysqli_real_escape_string($db, $_POST['hotel_website']) : $hotelWebsite = '');
        (isset($_POST['hotel_coords']) ? $hotelCoords = addslashes($_POST['hotel_coords']) : $hotelCoords = '');
        (isset($_POST['hotel_details']) ? $hotelDetails = addslashes($_POST['hotel_details']) : $hotelDetails = '');
        (isset($_POST['stars']) ? $hotelStars = mysqli_real_escape_string($db, $_POST['stars']) : $hotelStars = 1);
        (isset($_POST['hotel_address']) ? $hotelAddress = mysqli_real_escape_string($db, $_POST['hotel_address']) : die('Validation Error!'));
        (isset($_POST['hotel_zip']) ? $hotelZIP = mysqli_real_escape_string($db, $_POST['hotel_zip']) : die('Validation Error!'));
        (isset($_POST['hotel_city']) ? $hotelCity = mysqli_real_escape_string($db, $_POST['hotel_city']) : die('Validation Error!'));
        (isset($_POST['hotel_country']) ? $hotelCountry = mysqli_real_escape_string($db, $_POST['hotel_country']) : die('Validation Error!'));
        (isset($_POST['featured']) ? $isFeatured = 1 : $isFeatured = 0);
    
        $hotelFacilities = array();
        if(isset($_POST['facilities'])){
            foreach($_POST['facilities'] as $facility) {
                array_push($hotelFacilities, $facility);
            }
        }

        $path = 'media/';
        $hotel_photos = array();
        foreach($_FILES['hotelPhotos']['name'] as $f => $name) :
            if($_FILES['hotelPhotos']['error'][$f] == 4)
                continue;
            if($_FILES['hotelPhotos']['error'][$f] == 0){
                array_push($hotel_photos, $name);
                move_uploaded_file($_FILES["hotelPhotos"]["tmp_name"][$f], '../'.$path.$name);
            }
        endforeach;

        if(isset($_POST['photoItem'])){
            foreach($_POST['photoItem'] as $photoItem) {
                array_push($hotel_photos, $photoItem);
            }
        }

        $query = 'UPDATE HOTELS 
                  SET `Name` = "'.$hotelName.'", `Phone` = "'.$hotelPhone.'", `Email` = "'.$hotelEmail.'", `Website` = "'.$hotelWebsite.'", `Stars` = '.$hotelStars.', `Photos` = "'.mysqli_real_escape_string($db, serialize($hotel_photos)).'", `Facilities` = "'.mysqli_real_escape_string($db, serialize($hotelFacilities)).'", `Address` = "'.$hotelAddress.'", `City` = "'.$hotelCity.'", `PostalCode` = '.$hotelZIP.', `Country` = "'.$hotelCountry.'", `Details` = "'.$hotelDetails.'", `Coordinates` = "'.$hotelCoords.'", `isFeatured` = "'.$isFeatured.'"
                  WHERE ID = ' . $_POST['hotel_id'];

        if ( $db->query($query) === TRUE ){
            $hotel_id = $_POST['hotel_id'];
            
            /* Add/Update room handler */

            if(isset($_POST['room_type1_number'])):
                $room_type1_name = mysqli_real_escape_string($db, $_POST['room_type1_name']);
                $room_type1_number = intval(mysqli_real_escape_string($db, $_POST['room_type1_number']));
                $room_type1_guests = intval(mysqli_real_escape_string($db, $_POST['room_type1_guests']));
                $room_type1_price = intval(mysqli_real_escape_string($db, $_POST['room_type1_price']));
                (isset($_POST['room_type1_details']) ? $room_type1_details = addslashes($_POST['room_type1_details']) : $room_type1_details = '');
                $room_type1_photo = '';
                if(isset($_POST['room_type1_photo'])){
                    $room_type1_photo = $_POST['room_type1_photo'];
                }
                elseif($_FILES['room_type1_photo']['error'] == 0){
                    $room_type1_photo = $_FILES['room_type1_photo']['name'];
                    move_uploaded_file($_FILES["room_type1_photo"]["tmp_name"], '../'.$path.$room_type1_photo);
                }
            
                if(isset($_POST['room_type1_id'])){
                    $query_room_type_update = 'UPDATE ROOM_TYPES 
                        SET `Type` = "'.$room_type1_name.'", `Guests` = '.$room_type1_guests.', `Price` = '.$room_type1_price.', `Rooms` = '.$room_type1_number.', `Details` = "'.$room_type1_details.'", `Photo` = "'.mysqli_real_escape_string($db, $room_type1_photo).'"
                        WHERE ID = ' . $_POST['room_type1_id'];
                    $db->query($query_room_type_update);
                }elseif($_POST['room_type1_number'] > 0){
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';
                    $query_room_types .= '("'.$room_type1_name.'", '.$room_type1_guests.', '.$room_type1_price.', '.$room_type1_number.', "'.$room_type1_details.'", "'.mysqli_real_escape_string($db, $room_type1_photo).'", '.$hotel_id.')';   
                }

            endif;

            if(isset($_POST['room_type2_number'])):
                $room_type2_name = mysqli_real_escape_string($db, $_POST['room_type2_name']);
                $room_type2_number = intval(mysqli_real_escape_string($db, $_POST['room_type2_number']));
                $room_type2_guests = intval(mysqli_real_escape_string($db, $_POST['room_type2_guests']));
                $room_type2_price = intval(mysqli_real_escape_string($db, $_POST['room_type2_price']));
                (isset($_POST['room_type2_details']) ? $room_type2_details = addslashes($_POST['room_type2_details']) : $room_type2_details = '');
                $room_type2_photo = '';
                if(isset($_POST['room_type2_photo'])){
                    $room_type2_photo = $_POST['room_type2_photo'];
                }
                elseif($_FILES['room_type2_photo']['error'] == 0){
                    $room_type2_photo = $_FILES['room_type2_photo']['name'];
                    move_uploaded_file($_FILES["room_type2_photo"]["tmp_name"], '../'.$path.$room_type2_photo);
                }

                if(isset($_POST['room_type2_id'])){
                    $query_room_type_update = 'UPDATE ROOM_TYPES 
                        SET `Type` = "'.$room_type2_name.'", `Guests` = '.$room_type2_guests.', `Price` = '.$room_type2_price.', `Rooms` = '.$room_type2_number.', `Details` = "'.$room_type2_details.'", `Photo` = "'.mysqli_real_escape_string($db, $room_type2_photo).'"
                        WHERE ID = ' . $_POST['room_type2_id'];
                    $db->query($query_room_type_update);
                }elseif($_POST['room_type2_number'] > 0){
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';
                    $query_room_types .= '("'.$room_type2_name.'", '.$room_type2_guests.', '.$room_type2_price.', '.$room_type2_number.', "'.$room_type2_details.'", "'.mysqli_real_escape_string($db, $room_type2_photo).'", '.$hotel_id.')';   
                }

            endif;

            if(isset($_POST['room_type3_number'])):
                $room_type3_name = mysqli_real_escape_string($db, $_POST['room_type3_name']);
                $room_type3_number = intval(mysqli_real_escape_string($db, $_POST['room_type3_number']));
                $room_type3_guests = intval(mysqli_real_escape_string($db, $_POST['room_type3_guests']));
                $room_type3_price = intval(mysqli_real_escape_string($db, $_POST['room_type3_price']));
                (isset($_POST['room_type3_details']) ? $room_type3_details = addslashes($_POST['room_type3_details']) : $room_type3_details = '');
                $room_type3_photo = '';
                if(isset($_POST['room_type3_photo'])){
                    $room_type3_photo = $_POST['room_type3_photo'];
                }
                elseif($_FILES['room_type3_photo']['error'] == 0){
                    $room_type3_photo = $_FILES['room_type3_photo']['name'];
                    move_uploaded_file($_FILES["room_type3_photo"]["tmp_name"], '../'.$path.$room_type3_photo);
                }

                if(isset($_POST['room_type3_id'])){
                    $query_room_type_update = 'UPDATE ROOM_TYPES 
                        SET `Type` = "'.$room_type3_name.'", `Guests` = '.$room_type3_guests.', `Price` = '.$room_type3_price.', `Rooms` = '.$room_type3_number.', `Details` = "'.$room_type3_details.'", `Photo` = "'.mysqli_real_escape_string($db, $room_type3_photo).'"
                        WHERE ID = ' . $_POST['room_type3_id'];
                    $db->query($query_room_type_update);
                }elseif($_POST['room_type3_number'] > 0){
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';
                    $query_room_types .= '("'.$room_type3_name.'", '.$room_type3_guests.', '.$room_type3_price.', '.$room_type3_number.', "'.$room_type3_details.'", "'.mysqli_real_escape_string($db, $room_type3_photo).'", '.$hotel_id.')';   
                }

            endif;

            if(isset($_POST['room_type4_number'])):
                $room_type4_name = mysqli_real_escape_string($db, $_POST['room_type4_name']);
                $room_type4_number = intval(mysqli_real_escape_string($db, $_POST['room_type4_number']));
                $room_type4_guests = intval(mysqli_real_escape_string($db, $_POST['room_type4_guests']));
                $room_type4_price = intval(mysqli_real_escape_string($db, $_POST['room_type4_price']));
                (isset($_POST['room_type4_details']) ? $room_type4_details = addslashes($_POST['room_type4_details']) : $room_type4_details = '');
                $room_type4_photo = '';
                if(isset($_POST['room_type4_photo'])){
                    $room_type4_photo = $_POST['room_type4_photo'];
                }
                elseif($_FILES['room_type4_photo']['error'] == 0){
                    $room_type4_photo = $_FILES['room_type4_photo']['name'];
                    move_uploaded_file($_FILES["room_type4_photo"]["tmp_name"], '../'.$path.$room_type4_photo);
                }

                if(isset($_POST['room_type4_id'])){
                    $query_room_type_update = 'UPDATE ROOM_TYPES 
                        SET `Type` = "'.$room_type4_name.'", `Guests` = '.$room_type4_guests.', `Price` = '.$room_type4_price.', `Rooms` = '.$room_type4_number.', `Details` = "'.$room_type4_details.'", `Photo` = "'.mysqli_real_escape_string($db, $room_type4_photo).'"
                        WHERE ID = ' . $_POST['room_type4_id'];
                    $db->query($query_room_type_update);
                }elseif($_POST['room_type4_number'] > 0){
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';
                    $query_room_types .= '("'.$room_type4_name.'", '.$room_type4_guests.', '.$room_type4_price.', '.$room_type4_number.', "'.$room_type4_details.'", "'.mysqli_real_escape_string($db, $room_type4_photo).'", '.$hotel_id.')';
                }

            endif;

            if(isset($_POST['room_type5_number'])):
                $room_type5_name = mysqli_real_escape_string($db, $_POST['room_type5_name']);
                $room_type5_number = intval(mysqli_real_escape_string($db, $_POST['room_type5_number']));
                $room_type5_guests = intval(mysqli_real_escape_string($db, $_POST['room_type5_guests']));
                $room_type5_price = intval(mysqli_real_escape_string($db, $_POST['room_type5_price']));
                (isset($_POST['room_type5_details']) ? $room_type5_details = addslashes($_POST['room_type5_details']) : $room_type5_details = '');
                $room_type5_photo = '';
                if(isset($_POST['room_type5_photo'])){
                    $room_type5_photo = $_POST['room_type5_photo'];
                }
                elseif($_FILES['room_type5_photo']['error'] == 0){
                    $room_type5_photo = $_FILES['room_type5_photo']['name'];
                    move_uploaded_file($_FILES["room_type5_photo"]["tmp_name"], '../'.$path.$room_type5_photo);
                }

                if(isset($_POST['room_type5_id'])){
                    $query_room_type_update = 'UPDATE ROOM_TYPES 
                        SET `Type` = "'.$room_type5_name.'", `Guests` = '.$room_type5_guests.', `Price` = '.$room_type5_price.', `Rooms` = '.$room_type5_number.', `Details` = "'.$room_type5_details.'", `Photo` = "'.mysqli_real_escape_string($db, $room_type5_photo).'"
                        WHERE ID = ' . $_POST['room_type5_id'];
                    $db->query($query_room_type_update);
                }elseif($_POST['room_type5_number'] > 0){
                    $query_room_types = 'INSERT INTO ROOM_TYPES (`Type`, `Guests`, `Price`, `Rooms`, `Details`, `Photo`, `Hotel`) VALUES ';
                    $query_room_types .= '("'.$room_type5_name.'", '.$room_type5_guests.', '.$room_type5_price.', '.$room_type5_number.', "'.$room_type5_details.'", "'.mysqli_real_escape_string($db, $room_type5_photo).'", '.$hotel_id.')';
                }

            endif;
            
            if($query_room_types != ''){
                if ( $db->query($query_room_types) === TRUE )
                    header('Location: /msc-admin/hotels.php?status=success');
                else
                    header('Location: /msc-admin/hotels.php?status=failedRooms');
            }
            
            header('Location: /msc-admin/hotels.php?status=success');
            
        }
        else
            header('Location: /msc-admin/hotels.php?status=failed');

    elseif(isset($_POST['action']) && $_POST['action'] == 'delete'):

        $query = 'DELETE FROM `HOTELS` WHERE ID=' . $_POST['hotel_id'];
        if ( $db->query($query) === TRUE )
            header('Location: /msc-admin/hotels.php?status=success');
        else
            header('Location: /msc-admin/hotels.php?status=failedDelete');
        
    endif;
?>